OSSP CVS Repository

ossp - Difference in ossp-pkg/lmtp2nntp/lmtp2nntp_config.c versions 1.38 and 1.39
Not logged in
[Honeypot]  [Browse]  [Home]  [Login]  [Reports
[Search]  [Ticket]  [Timeline
  [History

ossp-pkg/lmtp2nntp/lmtp2nntp_config.c 1.38 -> 1.39

--- lmtp2nntp_config.c   2002/02/04 14:48:30     1.38
+++ lmtp2nntp_config.c   2002/02/04 15:43:01     1.39
@@ -221,6 +221,7 @@
     try {
         char *cp;
         int i;
+        int somepass;
 
         if (   (val_get(ctx->val, "option.acl", &ov) != VAL_OK)
             || (ov->ndata <  0)
@@ -230,8 +231,22 @@
         for (i = 0; i < ov->ndata; i++)
             log2(ctx, TRACE, "--acl[%d] = \"%s\"", i, (ov->data.m)[i]);
 
+        /* check if only blocking ACLs exist */
+        somepass = FALSE;
+        if (ov->ndata >= 1) {
+            for (i = 0; i < ov->ndata; i++) {
+                cp = (ov->data.m)[i];
+                if (cp[0] != '!') {
+                    somepass = TRUE;
+                    break;
+                }
+            }
+        }
+
+        /* if only blocking ACLs exist, reserve space for two additional pass-through wildcards */
+        if ((ctx->pacl = (struct acl *)malloc((ov->ndata + somepass ? 0 : 2 ) * sizeof(struct acl))) == NULL) throw(0,0,0);
+
         if (ov->ndata >= 1) {
-            if ((ctx->pacl = (struct acl *)malloc(ov->ndata * sizeof(struct acl))) == NULL) throw(0,0,0);
             for (i = 0; i < ov->ndata; i++) {
                 cp = (ov->data.m)[i];
                 log2(ctx, DEBUG, "cp = (data.m)[%d] = \"%s\"", i, cp);
@@ -241,7 +256,7 @@
                 }
                 else {
                     ctx->pacl[i].acl = strdup(cp);
-                    ctx->pacl[i].not = TRUE;
+                    ctx->pacl[i].not = FALSE;
                 }
                 log2(ctx, DEBUG, "ctx->pacl[%d].not = %s", i, ctx->pacl[i].not == TRUE ? "TRUE" : "FALSE");
                 log2(ctx, DEBUG, "ctx->pacl[%d].acl = %s", i, ctx->pacl[i].acl);
@@ -262,6 +277,42 @@
             }
             ctx->nacl = i;
         }
+
+        /* if only blocking ACLs exist, append a wildcard pass-through for IPv4 */
+        if (!somepass) {
+            i = ctx->nacl;
+            ctx->pacl[i].acl = "0.0.0.0";
+            ctx->pacl[i].not = FALSE;
+            ctx->pacl[i].prefixlen = 0;
+            if ((rc = sa_addr_create(&ctx->pacl[i].saa)) != SA_OK) {
+                log1(ctx, ERROR, "option --acl, create IPv4 pass-through address (internal) failed with \"%s\"", sa_error(rc));
+                throw(0,0,0);
+            }
+            if ((rc = sa_addr_u2a(ctx->pacl[i].saa, "inet://%s:0", ctx->pacl[i].acl)) != SA_OK) {
+                log2(ctx, ERROR, "option --acl, parsing IPv4 pass-through address (%s) failed with \"%s\"", ctx->pacl[i].acl, sa_error(rc));
+                throw(0,0,0);
+            }
+            i++;
+            ctx->nacl = i;
+        }
+
+        /* if only blocking ACLs exist, append a wildcard pass-through for IPv6 */
+        if (!somepass) {
+            i = ctx->nacl;
+            ctx->pacl[i].acl = "[::]";
+            ctx->pacl[i].not = FALSE;
+            ctx->pacl[i].prefixlen = 0;
+            if ((rc = sa_addr_create(&ctx->pacl[i].saa)) != SA_OK) {
+                log1(ctx, ERROR, "option --acl, create IPv6 pass-through address (internal) failed with \"%s\"", sa_error(rc));
+                throw(0,0,0);
+            }
+            if ((rc = sa_addr_u2a(ctx->pacl[i].saa, "inet://%s:0", ctx->pacl[i].acl)) != SA_OK) {
+                log2(ctx, ERROR, "option --acl, parsing IPv6 pass-through address (%s) failed with \"%s\"", ctx->pacl[i].acl, sa_error(rc));
+                throw(0,0,0);
+            }
+            i++;
+            ctx->nacl = i;
+        }
     }
     catch (ex)
         rethrow;

CVSTrac 2.0.1